BYOD Policy

Cellphones, tablets, and laptops have completely revolutionized the way people work. Now we can take our devices to the office, home, business meetings, trips, and personal holidays. No matter where we are, we have access to everything we need for a productive workday right at our fingertips.

But how do you create a successful BYOD Policy for your office?

Creating a thorough and employee-based Bring Your Own Device (BYOD) strategy can help turn one of today’s modern technological feats into boosted productivity for your business.

Top Considerations When Developing a BYOD Policy:

1. Specify What Devices Are Permitted

With so many portable devices available to your employees, it is essential to establish which ones are allowed for work based-functions and which aren’t. For example, your employees may have a tablet, cellphone, and laptop. With so many devices, it can be hard to figure out which ones work best for your needs.

If you have employees who treat their tablet as a laptop, they may feel restricted and unable to bring them if you only specify that laptop computers are allowed and vice versa. You want to determine which devices will help your business goals and which could potentially hinder them.

For example, cellphones are great BYOD when concerning sales or those who work first-hand with clients continuously (such as lawyers). However, they may be problematic for individuals doing data entry, clerical duties in which calls need to be transferred, or those who need to remain focused on the task without texts and phone calls coming in.

2. Ensure That Any Devices On Your Servers Are Following Your IT Security Policy

If your work deals with sensitive information, you want to ensure that your IT Security Policy is followed on all devices used for your business’s purposes, including personal devices. While none of your employees would likely steal valuable information from one another, it does present a risk when your employee travels. For example, they could lose a phone or laptop that isn’t password-protected, putting your company at increased risk.

It is also beneficial to ensure that all devices used by your company, whether personal or commercial, are protected by internet security. Hackers will go after any device for sensitive information, and you want to ensure that your business is protected.

3. Checklist: Criteria for Developing a BYOD Policy

Creating boundaries and ensuring your employees understand them will help prevent issues concerning what can and can’t be done with personal devices.

You will want to ensure that your policy answers and touches on the following:

  • What devices can be permitted explicitly onto the company’s network?
  • What security protocols must employees and devices follow?
  • Give clear directions on how foreign devices, cellphones, and tablets, can access the data on your business’s network.
  • Ensure your staff understands who owns the apps and data being kept and used on their devices.
  • Decide which actions cannot be performed on personal devices, such as entry of sensitive information.
  • Combine your BYOD and an acceptable use strategy to ensure that devices are not used for personal purposes during company hours.
  • Create a plan to quickly and securely add and remove users.

Considerations on Device Wiping, Upgrades, Lost Devices

It seems silly to think anyone other than your company owns the data and apps being stored for company use on personal or commercial devices. However, this can become a bit hectic when an individual is looking to wipe their device when they are upgrading or if they lose it.

Why is this an issue? Typically, content on the phone is erased, including personal pictures, music, and apps that your individual may have purchased for their use. While work information may be found on commercial devices and networks, personal information is not. This creates a problem for businesses when personal and business interests conflict.

Your employee may have reservations about wiping their phone to keep personal data. However, that could create a security risk for your business. Therefore, your BYOD plan needs to clarify that individuals using their device must wipe it when that device becomes compromised to protect the company. This gives your employee the right to decide whether or not they want to risk using a work device to hold sensitive personal information.

4. Checklist: Acceptable Use Policy and BYOD Policy

It is important to ensure that both policies work hand in hand. While your business may already have an acceptable use policy for their commercial devices, it is equally important for these to apply for personal devices. The acceptable use policy should answer the following questions;

  • If an employee posts on social media while using your company’s VPN tunnel, is that a violation of the acceptable use policy?
  • What if the employee is browsing objectionable content and websites on their own devices VPN?
  • What happens if they transmit material that may not be appropriate for work use over your network, even if they use their own devices? What actions will be taken for such actions?
  • How will device usage be monitored to enforce company device usage policies?
  • Does your company have the right to set up rules concerning using devices in the workplace?

5. Setting Up an Exit Strategy for Employee Devices

When employees leave your company for any reason, you want to ensure they are not taking your company’s sensitive information. Therefore, you need to set up a plan to remove access tokens, work email access, data access, and other proprietary information from their device.

Professional Outsourced IT Services

Blue Jean Networks promotes business efficiency by disseminating expert IT services and support. For more information about our vast array of services, including comprehensive mobile device management and IT consulting, call our team today!